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REMARKS 

Applicant appreciates the Examiner's thorough consideration provided the present 
application. Claims 11-20 are now present in the application. The Specification has been 
amended. Claims 11-20 have been added. Claims 1-10 have been cancelled. Claim 11 is 
independent. Reconsideration of this application, as amended, is respectfully requested. 



Specification 

The specification and title have been amended to clarify the present invention. A 
Substitute Specification is attached hereto. This statement is included in accordance with 37 
C.F.R. § 1.125 to indicate that it is the imdersigned's belief that no new matter has been included 
in the Substitute Specification and Abstract. 

A comparison version of the specification is provided. This comparison document 
indicates all additions and deletions to the originally filed specification. Apphcant respectfully 
submits that the Substitute Specification includes the same changes as are indicated in the 
comparison document which compares the originally filed specification to the amended 
specification or Substitute Specification. 

Claim Rejections Under 35 U.S.C. §§ 102 & 103 

Claims 1-8 and 10 stand rejected under 35 U.S.C. § 102(b) as being anticipated by Abadi, 
U.S. Patent No. 5,315,657. Claim 9 stands rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Abadi in view of Cline, U.S. Patent No. 5,550,970. These rejections are 
respectfully traversed. 
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Without conceding to the propriety of the Examiner's rejections, but merely to timely 
advance the prosecution of the application, as the Examiner will note, independent claims 1-10 
have been cancelled. Accordingly, reconsideration and withdrav^al of the rejections under 35 
U.S.C. §§ 102 and 103 are respectfully requested. 

Additional Claims 

Claims 11-20 have been added for the Examiner's consideration. Applicant respectfully 
submits that the combination of elements as set forth in new independent claim 11 is not 
disclosed or suggested by the references relied on by the Examiner, as described hereinbelow. 

Abadi 

Abadi discloses an access control list (ACL) for determining the access rights of 
principals in as allocated system. Generally speaking, the ACL is a data structure that associates 
access rights with sets of named principals. The ACL is list of security access rights that applies 
to an object, an attribute and a resource (see col. 16, line 59-67 and col. 17, line 1-67). The ACL 
are read, write, delete, etc. Referred to Fig. 8 of Abadi, the ACL is used as an Object. As shown 
in FIG. 8 of Abadi, the principal JOHN has read access to the object 60. More, for security 
reasons, each principal or group named in the ACL should be authenticated. An ACL can 
include a group as an entry, the contents of that group in effect become part of that ACL. For 
example, in Fig. 9A of Abadi, an ACL 70 may contain several principal entries 72, as well as the 
access rights associated with those entries 74. The ACL 70 may also contain group entries, such 
as TEACHER 75. Referred to Fig, 9B of Abadi, TEACHER 75 includes different principals, 
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which are allowed access to the object controlled by ACL 70. For example, BOB is allowed 

only to delete to the object controlled by ACL 70, but not for writing. In other words, Abadi is 

used to determine the access authentication, which authenticates different users bv different 

access rights. 

Unlike Abadi, the present is applied to the network, which includes the server and the 
client. First, please referring Fig. 4 of the claimed invention, prioritv parameter tables recited as 
claim 1 1 are established to define a weight standard parameter for the access target (such as the 
file type and the file size), the sending source of the access request command (such as user's 
network ID and IP address of the computer). Then, the system accepts the access request 
command from a client. The request access conmiand includes the access target, the sending 
source of the access request command. Next, the access target of the access request command 
and the sending source of the access request command according to the corresponding access 
target and the sending source of the priority parameter table to generate an access priority value. 
More specifically speaking, for example, referring to Fig. 4, if the access target of the access 
command is a text file, such as .DOC format, the sending source of the access command is a 
manager, and the file size is smaller than 4MB, After analyzing the access target and the sending 
source of the access request command according to the priority parameter table, the access 
priority value is generated as 22. 

After the access priority value is obtained, a ranking mechanism is performed to 
reallocate an access prioritv list to reallocating an access priority list. That is, the previously 
processes, such as processes A, B, C, D and E, and the newly added process, such as process F 
are ranked according to the access priority value of each process and then an access priority list 

Birch, Stewart^ Kolasch & Birch. LLP KM/GH/cl 



ApplicationNo. 10/685,425 DocketNo.: 3313-1044P 

Amendment dated October 12, 2007 

Reply to Office Action of July 16, 2007 Page 10 of 11 

is reallocated. Next, the access priority list is finally executed in sequence. Unlike Abadi, the 

claimed invention discloses a dynamically assigning network access priority through the self- 
defined priority table according to the demands, which is different from Abadi . Therefore, the 
subject matter of the present invention is different fi-om Abadi. 

In addition, it is noted that Abadi is an early terminal server, which fails to mention the 
function of the ranking mechanism of the claimed invention. 



Cline 

Cline discloses a method and system for allocating resources, which is to allocate 
resources of RAM space. For example, referred to Fig. 3 of Cline, the three processes (program 
A, program B and program C) would initially each be allocated equal proportions of RAM space. 
That is, proportion field 332, 334, and 336 would each indicate a number 1. Then, the user could 
change those proportion relative values respectively, such as to 9, 3, and 6, by dragging the drag 
handle for each bar until the desired value appears in the proportion field. In comparison with 
the application, the system of Cline is an allocation applied to a system resources, which is 
different from the network access priority of the claimed invention. 

Accordingly, neither of the utilized references individually or in combination teaches or 
suggests the limitations of new independent claim 11. Therefore, Applicant respectfully submits 
that new independent claim 1 clearly defines over the teachings of the utilized references. 

In addition, claims 12-20 depend, either directly or indirectly, from new independent 
claim 11, and are therefore allowable based on their respective dependence fi-om new 
independent claim 11, which is believed to be allowable. 
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Favorable consideration and allowance of claims 1 1-19 are respectfully requested. 



CONCLUSION 



Since the remaining patents cited by the Examiner have not been utilized to reject the 
claims, but merely to show the state of the prior art, no further comments are necessary with 
respect thereto. 

It is believed that a full and complete response has been made to the Office Action, and 
that as such, the Examiner is respectfully requested to send the application to Issue. 

In the event there are any matters remaining in this application, the Examiner is invited to 
contact Joe McKinney Muncy, Registration No. 32,334 at (703) 205-8000 in the Washington, 



If necessary, the Commissioner is hereby authorized in this, concurrent, and future 
replies, to charge payment or credit any overpayment to Deposit Account No. 02-2448 for any 
additional fees required under 37 CF.R. §§1.16 or 1.17; particularly, extension of time fees. 



Falls Church, Virginia 22040-0747 
(703) 205-8000 
Attorney for Applicant 
Attachments: Clean Copy of the Substitute Speciflcation 

Marked-up Copy of the Substitute Specification 



D.C. area. 



Dated: October 12, 2007 




Joe McKinney Muncy / 
Registration No.: 32,3B4 / 
BIRCH, STEWART, KOLASCH & BIRCH, LLP 



81 10 Gatehouse Road 
Suite 100 East 
P.O. Box 747 
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METHOD OF DYNAMICALLY ASSIGNING NETWORK ACCESS 
PRIVILEGES PRIORITIES 

BACKGROUND OF THE INVENTION 

Field of Invention 

The invention relates to a method of assigning network access privil e g e s p rioritv and, in 
particular, to a method that distribute system resources as the number of access routines 
increases or decreases. 

Related Art 

The storage server is a public space in a network environment. It is widely used in 
10 local area networks (LAN's) or the Internet, allowing several clients or user accounts to 
access data. Although this access mechanism is convenient, there are many situations 
where the storage server is used for private purposes. Generally speaking, the data stored 
in the storage server should be public related files. Due to difficulties in management, the 
storage server is often misused by individuals in sizeable companies or enterprises. For 
1 5 example, mp3 files, games, private pictures or even private digital audio/video (AV) files 
are often stored in the server. If an employee has to perform an access process in order to 
complete an assigned job, its access may be delayed because some unknown user in the 
access control list of the storage server is accessing a large digital AV file at the same time. 
On the other hand, storing non-business related files in the storage server also wastes the 
20 resources of the company. 

To address this problem, a privil e g e p rioritv management method has been proposed in 
the prior art. The method defines in the database a list of certain people who are allowed to 
access specific data. Using the concept of weights, some users are assigned with higher 
I privilogos p riorities for the convenience of management. Not all users online can access 
25 any data. Thus, in order to access certain files, the user not only has to be in the file 
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I management list but also has to obtain a suitable privil e g e prioritv through some kind of 
mechanism or verification. Although this method is ideal for small companies or teams, it 
does not disclose in detail the privileg e prioritv assigning mechanism for big companies that 
have many users accessing data continuously. It does not provide a solution when 
5 multiple users are using system resources simultaneously. Therefore, there may be 
problems such as that system resources cannot be flexibly distributed if a particular user is 
in an emergency to access data or that a user is disconnected because his or her 
privil e ge prioritv is not high enough. 

SUMMARY OF THE INVENTION 

10 The invention provides a method to effectively avoid private uses of the public storage 

server. For the issue of access control list when simultaneous accesses occur, the 
invention makes an efficient distribution of the system resources under the premise that no 
other access routines are interrupted. To solve the foregoing problems, the invention 
provides a method of dynamically assigning network access privilogos priorities . 

15 According to the contents of the access request command, the method assigns 
privil e g e prioritv parameters corresponding to the access target, the command sending 
source, and the command sending time. Finally, the privilege p rioritv parameters are 
summed up to produce an access privil e g e p riority list. Using the access privileg e p rioritv 
list, the system dynamically distributes system resources after each new access is finished. 

20 Using the invention, the system can have a strategic gauge through the self-defined 

privil e ge p rioritv table to effectively prevent those accesses unrelated to business. When 
simultaneous multiple accesses occur, the invention allows the users to share the network 
without interrupting any access by brutal force. Therefore, the invention can make the 
network access usage more reasonable and efficient. 

25 BRIEF DESCRIPTION OF THE DRAWINGS 

The invention will become more fully understood from the detailed description given 
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hereinbelow illustration only, and thus are not limitative of the present invention, and 
wherein: 

FIG. 1 is a schematic view showing the disclosed network environment; 

FIG. 2 is a flowchart of the disclosed method of dynamically assigtiing network access 
5 privil e ges p riorities : 

FIG. 3 is a flowchart of the steps in the sorting mochanism ranking mechanism : and 

FIG. 4 is an embodiment of the invention. 

DETAILED DESCRIPTION OF THE INVENTION 

Suppose there are several clients 10, 20, 30 sharing data stored in a storage server 100 
10 using the Internet or a local area network (LAN). Each user has a network access account. 
Each client has its own network address for uploading to and downloading from the storage 
server 100. 

Suppose several user clients 10, 20 already access jobs in the access control list on the 
storage server 100. When a new client 30 wants to send an access message to the storage 

15 server 100, the system follows the disclosed method to dynamically assigning the network 
I access privileg e s priorities . First, more than one privil e g e p rioritv parameter tables are 
established on the storage server (step 200). The spirit of the invention is to define a 
weighted standard according to the access target, the sending source of the access request 
command, and the sending time of the access command in order for the access job with the 

20 highest weighted privil e g e prioritv parameter to have the highest priority. In other word, 
more system resources are granted for the job. The privilogo prioritv table basically has 
two fields: one has the defining target, such as the access target, the sending source of the 
request access command, and the sending time of the access command; and the other has 
the corresponding weighted parameter, which is defined according to its type. 

25 In step 300, the system accepts the request access command. When each of the users 
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at clients 10, 20, 30 wants to access data, a access request command is first sent from the 
user. The user has to wait for the reply from the storage server 100. The command 
includes the information of the storage target, the sending source of the access command, 
and the sending time of the access command. The storage target further contains such 
5 information as the file type, the file size, and the estimated accessing time that are to be 
used as references for determining the privil e g ep riority . For example, one can assign 
the .PDF files with the highest weight and the .DOC files are the next. The standard and 
file types are defined by the enterprise itself so that business-related accesses obtain the 
I highest processing privilogos priorities . Moreover, since large-size file transmissions 
10 generally affect the network quality and slow down access actions of other users, one can 
also assign a lower weight to such accesses. This arrangement enables the system to finish 
quick and easy jobs. As the network quality is kept well during the whole process, delays 
of urgent and small file transmissions can be avoided. 

Besides, the sending source of the access command is also a consideration. Since 
15 there are different levels in a company, the importance and values of a job naturally 
increase with the position of the user in the company. If a user with a higher position in a 
company cannot obtain a higher priority in the access control list during multiple accesses, 
then he or she cannot make prompt decisions due to the delay of retrieving important data. 
Therefore, the invention assigns different weight parameters to users according to their 
20 position in the company. The user's network ID is used to identify his or her position in 
the company. One can also use the IP address of each computer to determine the identity. 

According to the privil e g e priority parameter table and the access request command, a 
sorting mechanism ranking mechanism is used to generate an access privil e ge priority list 
(step 400). The contents of the access request command have several weight parameters, 
25 the sum of which is sorted to generate an access privilog o p rioritv list (see FIG. 3). The 
sorting m e chanism r anking mechanism includes the following steps. First, the system 
reads the access request command and obtains the corresponding weight parameter from the 
privil e ge priority parameter tables according to the command (step 410). In other words, 
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the access request command is analyzed to obtain a weight parameter for each of the 
predefined target. The weight parameters are then summed up (step 420). That is, an 
addition subroutine is employed to add up all the weight parameters belonging to the access 
command, obtaining a privil e g e priority value. The weight parameter sum is used to 
update the access privil e g epriority list (step 430). The access privilege prioritv list has at 
least three fields. One is the weight value, the sum of all the weight parameters. Another 
is the access process name, which is also the ID of the access command. The other is the 
system resource percentage. Whenever a new access process is added into the access 
privil e ge priority list or an existing access process finishes, all the above-mentioned three 
fields are updated at the same time. This is the feature of the dynamical assignment 
disclosed by the invention. 

In step 500, the system distributes the system resources according to the access 
privil e g e priority list and executes access processes. The access privil e g e p rioritv list 
indicates the weight value of each access process. The system distributes the system 
resources according to the weight values. The distribution method disclosed by the 
invention is dynamical. The weight values of all the access processes are added up to a 
total weight value. The weight value of each access process is divided by the total weight 
value to obtain a dynamical distribution percentage. The system then uses the dynamical 
distribution percentage as the reference for the CPU to schedule access processes. This 
method is particular useful for processing simultaneous multiple accesses. The finite 
bandwidth of the network can be thus optimized for public uses in a flexible way. On the 
other hand, for those processes unrelated to the business, such as downloading MPS or AV 
files, the system slows down their efficiencies to discourage such processes. Moreover, 
users with existing processes are not interrupted by new users because of the new users 
have higher privil e g e s p riorities . 

In the following, we use an embodiment to describe the procedure flow of the invention. 
With reference to FIG. 4, suppose an access request command is sent out. The access 
target is a text file (.DOC format), the sending source of the access command is a manager. 
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and the file size is smaller than 4MB. After the sorting process, the privil e g e p rioritv value 
is determined to be 22, corresponding to the process F as shown in the access 
privil e g e prioritv list 80. Before executing the command, there are already processes A, B, 
C, D and E in the control list. The invention dynamically assigns a new set of 
privil e g e p rioritv values to all the existing processes, updating from the original access 
privil e g e p rioritv list 70 to the new access privil e g e p riority list 80. 

Certain variations would be apparent to those skilled in the art, which variations are 
considered within the spirit and scope of the claimed invention. 
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